Information leaks are one of the biggest problems that information security professionals face every day.

There are instances, such as the Heartland Payment Systems breach, where information was outright stolen from an organization. These often make the headlines because they offer a bit more intrigue than to more common mistakes that plague information confidentiality.

More often than the well coordinated attack, information is compromised when someone forwards an email that they shouldn’t or something is copied and passed around to people who shouldn’t be seeing the content.

While you can write and work to enforce policies that govern how data and information is handled in your organization, there are times when people are going to either not understand the ramifications of neglecting these policies or they will just ignore them.

To help organizations protect the confidentiality of certain content sent via email, email administrators can who employ Microsoft Exchange can turn to Information Rights Management tools to help keep content under lock and key.

Continue reading Prevent Email Forwarding with Information Rights Manager

Just recently, a new industry consortium made up of email providers, financial institutions, social media properties and security providers put their heads together and came up with the DMARC (Domain based Message Authentication, Reporting and Conformance) specification.

With a goal of setting up a collaborative effort to help organizations recognize and fight spoofed emails, spam, and phishing attempts, this group is relying on the deployment of the Sender Policy Framework and DomainKeys Identified Mail to complement existing anti-spam solutions.

With industry leaders like Google, Microsoft, PayPal and Bank of America already signed on, along with 11 other companies, DMARC’s work is certain to make a splash in the IT world.

To better help IT departments understand what DMARC is trying to do, and better prepare them to make a decision regarding DMARC, let’s take a little time and refresh our memory on SPF and DKIM. Continue reading Get Ready for DMARC – A Review of SPF and DKIM

According to most reports, the amount of email spam is diminishing.

Experts credit the takedown of massive botnets like Rustock, a more educated user base and advancements in spam fighting technologies for this trend. However, even though one of the most annoying, and troublesome, threats to email accounts is on a downswing it doesn’t mean for one second that email is no longer a part of the IT infrastructure that is vulnerable to threats.

Understanding the different ways cyber criminals and script kiddies can use vulnerabilities in email clients and servers to attack a system will help any email administrator keep email services running smoothly, and the entire infrastructure safe from a great number of exploits that can do some serious damage. Continue reading Addressing Three Major Email Threats

Email is one of the most important communications tools for businesses. When it stops working, people start to get nervous.

While there are many things that a user can do to mess up their email, many of these problems can be resolved with a restart of the software or the computer.

However when the old standby of restarting doesn’t work, it is time for the email administrator to start looking into the issue a bit more deeply.

Here are some of the more common errors found in Outlook 2007 along with some of the ways you can make things right again: Continue reading 5 Common Outlook Errors and How to Fix Them

In an age where millions of emails are sent every day it is hard to find someone who hasn’t made a mistake when sending a message.

If you are using Microsoft Outlook and Exchange, you can quickly recall a message and delete unread copies, if you are lucky that is and no one has opened the email. If someone has already opened your errant message, then it’s too late.

Companies have become a bit more cognizant that some employees are just a bit too quick to pull the Send trigger on their mail. To compensate, many have put into place a time delay that gives someone the opportunity to think twice about a message that was sent out and stop it before it is delivered. Continue reading Common Mistakes When Sending Emails

When starting out, many small businesses set up their email using one of the free accounts available to them. Services like Gmail by Google, Hotmail from Microsoft or Yahoo!’s mail service, provide a working email address with almost no maintenance for a business just getting its feet wet.

However this may not be the best way to make a first impression with your potential customers.

Listed below are seven reasons why you need to ditch the yourcompany@freeemail.com and go with an address that better reflects the image you want your company to have. Continue reading 7 Reasons to Ditch That Free Email Address

You may have read the stories about how Atos Origin, a French IT services company, is looking to make their offices an email-free workplace by the year 2013 to eliminate what they call email pollution.

By turning to collaborative social medial tools, such as the Atos Wiki, employees have already seen a 20% reduction in “email pollution” six months after this initiative went into practice.

Volkswagen has also attempted to cut back on after hour’s emails being sent to and from employees Blackberrys in a similar effort. However, while cutting back on emails like Atos is trying to do may seem trend setting, it hardly seems to be a realistic goal.

Not only because of how many workplaces have become reliant on emails to get work done, but rather how these people use email to get work done.

As we all know, emails are not only used to deliver electronic messages. People in office buildings all over the world have found ways to “hack” their email accounts to do much more than send and receive messages. Continue reading 5 Creative Uses For Email

Email compliance is always a hot issue. Yet even while there are laws and regulations governing how certain industries send, receive, store and secure email messages, 73.7% of people who responded to a survey admitted that they had violated email compliance policies at their workplace.

It is important to note as well that this number represents those who knowingly violate company email policies. The same survey showed that 42.7% of those asked claim that their company either doesn’t have email compliance policies, or they were unsure if such a policy was in place.

So what are some of the most common violations of these policies? Take a look:

Continue reading 5 Most Common Violations of Email Compliance

This morning I noticed the flashing red light on my Blackberry alerting me to a new message. Since this device is connected to my work email account, I decided to give it a look to see what was so important that it couldn’t wait until Monday.

I was lucky that I did check it. The new message was actually from my personal email account and the contents of the message contained only one link and other people were also sent the same message.

I realized immediately that my personal email account was sending spam. I was upset with this because working with email and security, I write and train others on best practices. Not only this, but I follow them as well. I make sure that: Continue reading Yes, My Email Account Was Compromised

At one time or another, most email administrators are tasked with the responsibility of writing up policies that govern the use of email in an organization. These policies are necessary to:

• Protect against email based threats and vulnerabilities
• Reduce the organization’s liability if email is used inappropriately by employees
• Prevent misconduct when it comes to email use
• Educate employees on email etiquette
• Inform employees of email monitoring policies. Continue reading 5 Ways To Increase Email Policy Compliance